<?php
	include_once 'checkloginstatus.php';
	include_once '../mysqldb/MySqlHelper.php';
    $Title='';
    $Content='';
    $Status=0;
    /**
		操作，0为添加，1为修改
     */
    $Action=0;
	
    Init();
    function Init()
    {
    	if(isset($_POST['btnSubmit']))
    	{
    		if(get_magic_quotes_gpc())
    		{
	    		$GLOBALS['Content']=stripslashes($_POST['content']);	
    		}
    		else {
    			$GLOBALS['Content']=$_POST['content'];
    		}
    		$GLOBALS['Title']=$_POST['title'];
    		$GLOBALS['Status']=$_POST['Status'];
    		if($_POST['Action']==0)
    		{
    			Add();
    		}
    		else 
    		{
    			Mod();
    		}
    	}
    	InitMod();
    }
    function InitMod()
    {
    	if (isset($_GET['id'])) {
    		$MySqlHelper = new MySqlHelper();
    		if (is_numeric($_GET['id'])) {
    		    if ($MySqlHelper->Exists('select ID from Content where ID = '.$_GET['id'])) {
	    			$row=$MySqlHelper->GetRow('select ID,Title,Content,Status from Content where ID = '.$_GET['id']);
	    			$GLOBALS['Title']=$row['Title'];
	    			$GLOBALS['Content']=$row['Content'];
	    			$GLOBALS['Action']=1;
	    			$GLOBALS['Status']=$row['Status'];
	    		}
    		}
    	}
    }

    function Add()
    {
    	if(isset($_GET['nid']))
    	{
	    	if(is_numeric($_GET['nid']))
	    	{
		    	$sql='insert into Content(Title,AddTime,Content,ManagerID,NavID,Status) values (\''.$GLOBALS['Title'].'\',\''.date("y-m-d h:i:s",time()).'\',\''.$GLOBALS['Content'].'\','.$_SESSION['ID'].','.$_GET['nid'].','.$GLOBALS['Status'].')';
		    	SubmitOperate($sql);
	    	}
	    	else {
	    		alert('提供的参数值非法！');
	    	}
    	}
    	else {
    		alert('未提供正确的参数值');
    	}
    }
    function Mod(){
    	$sql='update Content set Title = \''.$GLOBALS['Title'].'\',Content = \''.$GLOBALS['Content'].'\',ManagerID = '.$_SESSION['ID'].',Status = '.$GLOBALS['Status'].' where ID = '.$_GET['id'];
    	SubmitOperate($sql);
    }
    function SubmitOperate($sql)
    {
    	$MySqlHelper = new MySqlHelper();
    	if($MySqlHelper->ExecSql($sql)>0)
    	{
    		alert('操作成功！');
    	}
    	else {
    		alert('操作失败');
    	}
    }
    function alert($msg){
    	echo '<script type="text/javascript">alert("'.$msg.'");</script>';
    }